Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| LOG_LEVEL | No | Logging level | INFO |
| DAILY_QUOTA | No | API request quota | 1000 |
| MAX_AGE_DAYS | No | Default report age limit | 30 |
| CACHE_DB_PATH | No | SQLite cache file location | ./cache.db |
| ABUSEIPDB_API_KEY | Yes | Your AbuseIPDB API key | |
| ALLOW_PRIVATE_IPS | No | Allow checking private IPs | false |
| CONFIDENCE_THRESHOLD | No | Default confidence threshold | 75 |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| check_ip | Check the reputation of a single IP address using AbuseIPDB |
| check_block | Check the reputation of a CIDR block using AbuseIPDB |
| get_blacklist | Retrieve the AbuseIPDB blacklist of malicious IP addresses |
| bulk_check | Check multiple IP addresses in batch against AbuseIPDB |
| enrich_log_line | Extract and enrich IP addresses from a log line with AbuseIPDB data |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| triage_ip | Generate analyst triage notes for an IP address |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| Cache Information | Current cache statistics and status |
| Usage Documentation | API usage documentation and examples |